Advanced search  


cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.

Pages: [1]   Go Down

Author Topic: Don't allow direct links  (Read 3305 times)

0 Members and 1 Guest are viewing this topic.


  • Coppermine newbie
  • Offline Offline
  • Posts: 1
Don't allow direct links
« on: August 30, 2009, 08:10:53 pm »

i'am using coppermine gallery 1.4 and i have seen that it's possible to get (externally) access to the uploaded photos with a direct link (...albums/userpics/10001/1/123456789.jpg).
Via htaccess i can block these access but i also blocks the loged-in user :/

Has someone an idea how i can forbid the access via direct linking the photos?



Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
Re: Don't allow direct links
« Reply #1 on: August 30, 2009, 10:34:07 pm »

No, that's nearly impossible. Has been discussed before. Someone who knows the path to the image can access it. You'd have to create the images dynamically (or move them around) and purge those temporary files after a short period. This would create an incredible load on the server and therefor would be only an option on galleries that get very little traffic.
Pages: [1]   Go Up

Page created in 0.019 seconds with 20 queries.